Is the AF_ALG plugin still the current method to enable openssl to make use
of hardware acceleration via Linux kernel crypto-api?
The current board support package for my embedded system uses Linux 3.0.4
with openssl 1.0.0j. The processor is Freescale P2020E which has security
engine supported by kernel crypto-api using Talitos driver.
I followed instructions from these two websites:
http://src.carnivore.it/users/common/af_alg/about/
http://masu.6f.sk/index.php/Nsa310_crypto
Upon updating the openssl.cnf file as directed in these websites, openssl
generates the following errors:
# openssl speed -evp aes-128-cbc -engine af_alg -elapsed
Error configuring OpenSSL
805465480:error:260BC066:engine routines:INT_ENGINE_CONFIGURE:engine
configuration error:eng_cnf.c:204:
805465480:error:0E07606D:configuration file routines:MODULE_RUN:module
initialization error:conf_mod.c:235:module=engines, value=openssl_engines,
retcode=-1
Here is the section I added to the openssl.cnf file:
openssl_conf = openssl_def
[ openssl_def ]
engines = openssl_engines
[ openssl_engines ]
af_alg = af_alg_engine
[ af_alg_engine ]
default_algorithms = ALL
CIPHERS=aes-128-cbc
DIGESTS=sha1
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
